XSS vulnerabilities in YAML, Multiproject for Trac, UserCollections for Piwigo, TAO and TableTools for DataTables for jQuery

Hello 3APA3A!

These are Cross-Site Scripting vulnerabilities in YAML, MultiProject extension for Trac, UserCollections extension for Piwigo, TAO and TableTools plugin for DataTables plugin for jQuery (with ZeroClipboard.swf).

Earlier I've wrote about Cross-Site Scripting vulnerabilities in ZeroClipboard (http://seclists.org/fulldisclosure/2013/Feb/103). I wrote that this is very widespread flash-file and it's placed at tens of thousands of web sites. And it's used in hundreds of web applications. Among them are YAML, Multiproject for Trac, UserCollections for Piwigo, TAO and TableTools for DataTables for jQuery. And there are many other vulnerable web applications with ZeroClipboard.